The RhodeCode Enterprise API uses a single scheme for calling all API methods. The API is
implemented with JSON protocol in both directions. To send API requests to
your instance of RhodeCode Enterprise, use the following URL format
<your_server>/_admin

Note

To use the API, you should configure the ~/.rhoderc file with
access details per instance. For more information, see
Configure the .rhoderc File.

API access can also be turned on for each web view in RhodeCode Enterprise that is
decorated with a @LoginRequired decorator. To enable API access, change
the standard login decorator to @LoginRequired(api_access=True).

From RhodeCode Enterprise version 1.7.0 you can configure a white list
of views that have API access enabled by default. To enable these,
edit the RhodeCode Enterprise configuration .ini file. The default location is:

To configure the white list, edit this section of the file. In this
configuration example, API access is granted to the patch/diff raw file and
archive.

## List of controllers (using glob syntax) that AUTH TOKENS could be used for access.## Adding ?auth_token = <token> to the url authenticates this request as if it## came from the the logged in user who own this authentication token.#### Syntax is <ControllerClass>:<function_pattern>.## The list should be "," separated and on a single line.##api_access_controllers_whitelist=RepoCommitsView:repo_commit_raw,RepoCommitsView:repo_commit_patch,RepoCommitsView:repo_commit_download

After this change, a RhodeCode Enterprise view can be accessed without login by adding a
GET parameter ?auth_token=<auth_token> to a url. For example to
access the raw diff.

http://<server>/<repo>/changeset-diff/<sha>?auth_token=<auth_token>

By default this is only enabled on RSS/ATOM feed views. Exposing raw diffs is a
good way to integrate with 3rd party services like code review, or build farms
that could download archives.